Openswan@2.3.0 Security Vulnerabilities and Issues — Openswan@2.3.0 CVE List

Lucene search

XeleranceOpenswan2.3.0

3 matches found

CVE•added 2014/01/26 8:55 p.m.•168 views

CVE-2013-6466

Openswan 2.6.39 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and IKE daemon restart) via IKEv2 packets that lack expected payloads.

5CVSS6.4AI score0.01102EPSS

CVE•added 2011/11/17 7:55 p.m.•51 views

CVE-2011-4073

Use-after-free vulnerability in the cryptographic helper handler functionality in Openswan 2.3.0 through 2.6.36 allows remote authenticated users to cause a denial of service (pluto IKE daemon crash) via vectors related to the (1) quick_outI1_continue and (2) quick_outI1 functions.

4CVSS5.9AI score0.01149EPSS

CVE•added 2005/01/29 5:0 a.m.•48 views

CVE-2005-0162

Stack-based buffer overflow in the get_internal_addresses function in the pluto application for Openswan 1.x before 1.0.9, and Openswan 2.x before 2.3.0, when compiled with XAUTH and PAM enabled, allows remote authenticated attackers to execute arbitrary code.

7.2CVSS7.6AI score0.04296EPSS